I have a code on selenium to test a form. But first i go to another page and then redirect to the my page. When i set cookies to new domain , i got error :
Exception in thread "main" org.openqa.selenium.InvalidCookieDomainException: You may only set cookies for the current domain
My Code :
//it is going to example.com and example redirect me to the "example.com" all cookie domains is "example.com"
driver.get("http://www.example.com?id=1");
Set<Cookie> cookies = driver.manage().getCookies();
Iterator<Cookie> itr = cookies.iterator();
while (itr.hasNext()){
Cookie c = itr.next();
System.out.println("Cookie Name: " + c.getName() + " --- " + "Cookie Domain: " + c.getDomain() + " --- " + "Cookie Value: " + c.getValue());
driver.manage().addCookie(c);
}
How can i manage that ? I have to get/set cookies for example.com
Like mentioned in previous answer this is expected behavior.
The only work around to date is to driver.get("domain.com/404")
page. But this doesn't always work due to SSO often protects domain.com/*
I have made a new feature request on the spec: https://github.com/w3c/webdriver/issues/1238
to make it so the 404 work-around can always work.
The webdriver spec https://w3c.github.io/webdriver/webdriver-spec.html#add-cookie forces the current browser session to be on the domain where you are adding the cookie to.
This makes tons of sense and I agree with it.
This unfortunately prevents 2 key use cases:
You want to re-use cookies from another webdriver session in a new session to avoid repeating the work it took to get the cookies. Such as having to repeat a login. Allow a webdriver pool to be shared amongst unrelated threads where each thread might have their own cookies. The only current work around is to attempt to force the webdriver to go to a 404 error page with something like: webdriver.get("http://the-cookie-domain.com/404adsfasdf"). This would cause the page to go to domain and would allow you to add cookies with addCookie. But this hardly ever works. Because the page is very often protected by SSO, any attempt to go to http://the-cookie-domain.com/* sends you to an SSO login page e.g. http://login.ssodomain.com and now you have the same problem.
We should add a new method to the spec webdriver.goTo404Page(domain) to allow this use-case. This method should simulate a 404 HTTP status code response from domain in the browser.
Alternatively maybe be a new overload to addCookie could allow this, for example: void addCookie(Cookie var1, String goTo404PageOfDomain);
By allowing users to go to a fake 404 page of any given domain, this guarantees the 404-page workaround works for any page and these 2 use cases are now possible.
For firefox, you can modify Marionette slightly to just remove this check.
diff --git a/testing/marionette/cookie.js b/testing/marionette/cookie.js
--- a/testing/marionette/cookie.js
+++ b/testing/marionette/cookie.js
@@ -144,14 +144,14 @@ cookie.add = function(newCookie, {restri
newCookie.domain = "." + newCookie.domain;
}
- if (restrictToHost) {
- if (!restrictToHost.endsWith(newCookie.domain) &&
- ("." + restrictToHost) !== newCookie.domain &&
- restrictToHost !== newCookie.domain) {
- throw new InvalidCookieDomainError(`Cookies may only be set ` +
- `for the current domain (${restrictToHost})`);
- }
- }
+// if (restrictToHost) {
+// if (!restrictToHost.endsWith(newCookie.domain) &&
+// ("." + restrictToHost) !== newCookie.domain &&
+// restrictToHost !== newCookie.domain) {
+// throw new InvalidCookieDomainError(`Cookies may only be set ` +
+// `for the current domain (${restrictToHost})`);
+// }
+// }
// remove port from domain, if present.
// unfortunately this catches IPv6 addresses by mistake
diff --git a/testing/marionette/driver.js b/testing/marionette/driver.js
--- a/testing/marionette/driver.js
+++ b/testing/marionette/driver.js
@@ -2638,9 +2638,9 @@ GeckoDriver.prototype.addCookie = functi
let {protocol, hostname} = this.currentURL;
const networkSchemes = ["ftp:", "http:", "https:"];
- if (!networkSchemes.includes(protocol)) {
- throw new InvalidCookieDomainError("Document is cookie-averse");
- }
+// if (!networkSchemes.includes(protocol)) {
+// throw new InvalidCookieDomainError("Document is cookie-averse");
+// }
let newCookie = cookie.fromJSON(cmd.parameters.cookie);
diff --git a/testing/marionette/test_cookie.js b/testing/marionette/test_cookie.js
--- a/testing/marionette/test_cookie.js
+++ b/testing/marionette/test_cookie.js
@@ -190,10 +190,10 @@ add_test(function test_add() {
});
equal(2, cookie.manager.cookies.length);
- Assert.throws(() => {
- let biscuit = {name: "name3", value: "value3", domain: "domain3"};
- cookie.add(biscuit, {restrictToHost: "other domain"});
- }, /Cookies may only be set for the current domain/);
+// Assert.throws(() => {
+// let biscuit = {name: "name3", value: "value3", domain: "domain3"};
+// cookie.add(biscuit, {restrictToHost: "other domain"});
+// }, /Cookies may only be set for the current domain/);
cookie.add({
name: "name4",
Why not let the browser be redirected to "example.com" before adding the cookies. Once on that domain, add the cookie values you've taken from "example.com" and the refresh the page?
As per the answer by the team on this issue on the project tracker,
The cookies methods only act on cookies that would be visible as this is the only thing that can be made to work consistently across all browsers. The behaviour that you see is the expected behaviour.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With